Unable to setup on Samsung 970 Evo #232
Comments
|
I tried a PSID Revert and that seems to have resolved the NOT_AUTHORIZED problem. However, now I am running into the same issue as #213 |
|
I was able to resolve this using dd to write the PBA image to a thumb drive and leave it attached to the system. System will boot and recognize the PBA and will send the password to all drives, even non opal drives. This will unlock the drive. |
|
another way is to have a secondary drive to laod the booloader right now it is impossible to bootdrive encrypt NVME opal drives at all. i did simpyl the windows efi partition to a secondary cruical and gave every drive the same password. |
|
I can boot the NVME opal drive, but I noticed that the PSID Revert didn't delete my data at all. This is very concerning. Did it happen to you? |
|
Yes, as far as I remember, the PSID Revert didn't delete any data for me either. |
|
if the PSID revert didn't delete any data, maybe the SSD has not generate media encryption key(MEK) for Global range.
|
|
Sorry, Correction: 1. do PSID revert and write some data to block 0 |
Can you advice how to make a log file and where to find it when using RESCUE64 disk. I'm new in Linux and as i see in wiki there is instruction how to this from windows. |
On some NVME drives it most certainly works. I know the 960 Pro can do it. |
|
The Samsung 970 Pro also exhibits this behavior. The PSID revert fixes it here as well, while not actually wiping any data. |
|
Hi all, |
|
PSID revert helped me too. No data was actually erased. Made a backup before anyway. thanks! |
|
Same deal with Samsung 980 Pro, need to do PSID Revert first but it didn't remove any data and it's working after that. |
|
Works
Works fine atleast with 980 Pro. |
Hi,
I am trying to setup encryption on a new Samsung 970 Evo drive. However, it fails with a NOT_AUTHORIZED error, even though this is the initial setup and the drive hasn't been encrypted before.
$ sedutil-cli --initialSetup debug /dev/nvme0
method status code NOT_AUTHORIZED
Session start failed rc = 1
One or more header fields have 0 length
EndSession Failed
takeOwnership failed
Initial setup failed - unable to take ownership
The query command shows that the drive is not currently encrypted.
$ sedutil-cli --query /dev/nvme0
/dev/nvme0 NVMe Samsung SSD 970 EVO 250GB 1B2QEXE7 S465NB0K508435W
TPer function (0x0001)
ACKNAK = N, ASYNC = N. BufferManagement = N, comIDManagement = N, Streaming = Y, SYNC = Y
Locking function (0x0002)
Locked = N, LockingEnabled = N, LockingSupported = Y, MBRDone = N, MBREnabled = N, MediaEncrypt = Y
Geometry function (0x0003)
Align = Y, Alignment Granularity = 8 (4096), Logical Block size = 512, Lowest Aligned LBA = 0
DataStore function (0x0202)
Max Tables = 9, Max Size Tables = 10485760, Table size alignment = 1
OPAL 2.0 function (0x0203)
Base comID = 0x1004, Initial PIN = 0x0, Reverted PIN = 0x0, comIDs = 1
Locking Admins = 4, Locking Users = 9, Range Crossing = N
**** 2 **** Unknown function codes IGNORED
TPer Properties:
MaxComPanotheracketSize = 66048 MaxResponseComPacketSize = 66048
MaxPacketSize = 66028 MaxIndTokenSize = 65540 MaxPackets = 1
MaxSubpackets = 1 MaxMethods = 1 MaxAuthentications = 5
MaxSessions = 1 MaxTransactionLimit = 1 DefSessionTimeout = 0
Host Properties:
MaxComPacketSize = 2048 MaxResponseComPacketSize = 2048
MaxPacketSize = 2028 MaxIndTokenSize = 1992 MaxPackets = 1
MaxSubpackets = 1 MaxMethods = 1
This happens both when running sedutil from the rescue image as well as when running it from a bootable Linux DVD.
I have also collected the -vvvv traces from initialSetup. Please see attached.
Please let me know if you have any suggestions about how to make it work.
init-setup.log
The text was updated successfully, but these errors were encountered: